Alternatives to YARA
Compare YARA alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to YARA in 2026. Compare features, ratings, user reviews, pricing, and more from YARA competitors and alternatives in order to make an informed decision for your business.
-
1
THOR
Nextron Systems
THOR is the most sophisticated and flexible compromise assessment tool on the market. Incident response engagements often begin with a group of compromised systems and an even bigger group of systems that are possibly affected. The manual analysis of many forensic images can be challenging. THOR speeds up your forensic analysis with more than 12,000 handcrafted YARA signatures, 400 Sigma rules, numerous anomaly detection rules and thousands of IOCs. THOR is the perfect tool to highlight suspicious elements, reduce the workload and speed up forensic analysis in moments in which getting quick results is crucial. THOR focuses on everything the Antivirus misses. With its huge signature set of thousands of YARA and Sigma rules, IOCs, rootkit and anomaly checks, THOR covers all kinds of threats. THOR does not only detect the backdoors and tools attackers use but also outputs, temporary files, system configuration changes and other traces of malicious activity. -
2
Unknown Cyber
Unknown Cyber
Get the information advantage needed to beat the next threat. 24/7 investigation of alerts that remain unknown to other solutions. Immediately know that an unknown suspect’s code is a variant of malware quantifiably with 70-100% similarity. Immediately know all the suspect’s matched malware families, the type of malware, and IOCs. Act automatically and block perfect malware matches. Escalate suspects after obtaining an information advantage that arrives with the code of interest already identified. Automatically employ newly extracted IOCs and all matched IOCs to harden. Hunt and monitor with automatically created highly accurate bytecode-based YARA created from the suspect just convicted, our collection of matched code, or from specifically selected malware samples. Customizable API lets you automate action to save expert time by automatically deobfuscating and reversing exploit code to individual functions. -
3
Siterack
Siterack
All of your websites are pinged every 60 seconds to make sure they are alive and well. If an error is reported back, Siterack assesses the problem and will send a note to let you know. Siterack automatically runs a daily backup of all your sites and securely stores them in our cloud. All backups are displayed in your site's Control Center so you can easily search for the one you need. Before each update, Siterack grabs a backup - just in case. Afterward, Siterack incrementally updates each package and scans the site for any issues or failures using our AI Error Detection system. If anything goes wrong, Siterack will automatically restore the most recent backup and let you know. Using dual-method malware detection technology, the Siterack Malware Engine runs daily scans looking for and removing any malicious packages. The system uses a combination of YARA rule and signature violations to detect the malware and automatically remove it upon discovery.
Starting Price: $19 per month -
4
Cofense Triage
Cofense
Cofense Triage™ accelerates phishing email identification and mitigation. Improve your response time with integration and automation. We use Cofense Intelligence™ rules and an industry-leading spam engine to automatically identify and analyze threats. And our robust read/write API lets you integrate intelligent phishing defense into your workflow, so your team can focus their efforts and protect your organization. We know stopping phish isn’t always straightforward. That’s why Cofense Triage™ makes it easy to get on-demand help from the experts. They’re just one click away, anytime. Our Threat Intelligence and Research Teams continually update our library of YARA rules, making it easier for you to identify emerging campaigns and improve response time. And the Cofense Triage Community Exchange allows you to crowd-source phishing email analysis and threat intelligence, so you’re never on your own. -
5
Extend your security intelligence from local network to global cyberspace. Get in-depth, up-to-date global knowledge about specific threats and attack sources, which can be difficult to obtain if you only have access to information within your own networks. ESET Threat Intelligence data feeds utilize widely supported STIX and TAXII formats, which makes it easy to integrate with existing SIEM tools. Integration helps to deliver the latest information on the threat landscape to predict and prevent threats before they strike. ESET Threat Intelligence features a full API that is available for automation of reports, YARA rules and other functionalities to allow for integration with other systems used within organizations. These allow organizations to set up custom rules to obtain company-specific information that security engineers are interested in. Organizations receive valuable details such as the number of times specific threats have been seen worldwide.
Starting Price: $132
-
6
Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it. Secure Malware Analytics rapidly analyzes files and suspicious behavior across your environment. Your security teams get context-rich malware analytics and threat intelligence, so they’re armed with insight into what a file is doing and can quickly respond to threats. Secure Malware Analytics analyzes the behavior of a file against millions of samples and billions of malware artifacts. Secure Malware Analytics identifies key behavioral indicators of malware and their associated campaigns. Take advantage of Secure Malware Analytics's robust search capabilities, correlations, and detailed static and dynamic analyses.
-
7
ReversingLabs
ReversingLabs
ReversingLabs is a software supply chain security platform that helps organizations identify hidden threats within software components. It uses AI-driven binary analysis to detect malware, tampering, secrets, and other active threats that traditional tools often miss. ReversingLabs analyzes first-party, open-source, and third-party software to provide complete visibility into software risk. Its flagship solution, Spectra Assure®, identifies security issues in final builds before release. The platform leverages one of the world’s largest threat intelligence repositories to improve accuracy and reduce false positives. ReversingLabs helps organizations move from reactive threat detection to proactive risk management. It delivers trusted insights that strengthen software trust and security operations. -
8
odix
odix
odix’s patented technology disarms malicious code from files. Our concept is simple: instead of trying to detect the malware, odix generates a malware-free copy of the file for the user. Total protection from known and unknown threats delivered to the corporate network by incoming files. odix’s malware prevention solutions are based on its Deep File Inspection and TrueCDR™ patented technology. The algorithms provide a new detection-less approach against file-based attacks. The core CDR (Content Disarm and Reconstruction) process focuses on verifying the validity of the file structure on the binary level and disarms both known and unknown threats. This is very different from anti-virus and sandbox methods that scan for threats, detect a subset of malware and block files. With CDR, all malware, including zero-days, is prevented and the user gets a safe copy of the originally infected file. -
9
Avira Cloud Sandbox
Avira
The Avira Cloud Sandbox is an award-winning, unlimited-scale automated malware analysis service. It blends multiple advanced analysis technologies to deliver a complete threat intelligence report from an uploaded file. The Cloud Sandbox API delivers a detailed, file-specific, threat intelligence report. It contains valuable, actionable intelligence. The report has a detailed classification of the file, information on the techniques, tactics and procedures (IoCs) present in the threat, and a description of how and why the submitted file was identified as clean, malicious, or suspicious. Avira’s Cloud Sandbox leverages the technologies developed within the Avira Protection Cloud, the cloud security system that underpins the anti-malware and threat intelligence solutions of Avira. Through OEM technology partnerships we protect many of the world’s leading cyber-security vendors, and nearly a billion people world-wide. -
10
QFlow
Quarkslab
QFlow is an advanced malware detection and analysis platform to reduce the risk of infection during file transfers. QFlow offers comprehensive detection methods and the customization and automation of processing chains to meet specific needs. QFlow integrates a suite of tools that allow advanced analysis of potentially malicious files: commercial antiviruses, commercial sandboxes, open source tools optimized with Quarkslab's expertise. The deployment modes offered, as well as the strict security requirements that apply to the solution, reduce the risk of data leakage.
Use Cases:
- detection of malware in files and URLs
- advanced threat analysis for security engineers
- simplified integration into IT infrastructure or business application chains via ICAP or APIs
- removable device security through white stations
Analysis:
- Static analysis (4 AVs)
- Dynamic analysis (VMRay)
- Morphological analysis (Binary analysis by Cyber Detect's GORILLE)
-
11
Threat.Zone
Malwation
Threat.Zone is a hypervisor-based, automated and interactive tool for analyzing malware, so you can fight new-generation malware.
Starting Price: $99 per month -
12
PT MultiScanner
Positive Technologies
PT MultiScanner provides multiple levels of anti-malware protection to detect and block infections on corporate infrastructure, uncover hidden threats, and facilitate investigation of malware-related security incidents. Counting on the same antivirus vendor to be right every time? Draw on the best anti-malware vendors and Positive Technologies expertise instead. Extensive integration support and scalability make PT MultiScanner the right choice for both startups and the largest corporations. Suspicious objects are scanned with multiple anti-malware engines, static analysis, and Positive Technologies reputation lists. The solution supports scanning of files and archives, including recursively compressed ones. As a result, PT MultiScanner can spot and block malware far more effectively than any one method used in isolation. -
13
VMRay
VMRay
At VMRay, we provide enterprises and technology partners worldwide with best-in-class, scalable, automated malware analysis and detection solutions that greatly reduce their exposure to malware-related threats, attacks and vulnerabilities. -
14
Falcon Sandbox
CrowdStrike
Falcon Sandbox performs deep analysis of evasive and unknown threats, enriches the results with threat intelligence and delivers actionable indicators of compromise (IOCs), enabling your security team to better understand sophisticated malware attacks and strengthen their defenses. Unique hybrid analysis technology detects unknown and zero-day exploits while defeating evasive malware. Uncover the full attack lifecycle with in-depth insight into all file, network, memory and process activity. Save time and make all security teams more effective with easy-to-understand reports, actionable IOCs and seamless integration. The most sophisticated analysis is required to uncover today’s evasive and advanced malware. Falcon Sandbox’s Hybrid Analysis technology exposes hidden behavior, defeats evasive malware and delivers more IOCs, to improve the effectiveness of the entire security infrastructure. -
15
REVERSS
Anlyz
Threat actors today are highly sophisticated and are using disruptive technologies to penetrate the security walls of enterprises in unrelenting fashion. Reverss provides automated dynamic malware analysis to enable Cyber Intelligence Response Teams (CIRT) to mitigate obfuscated malware faster and more effectively. Speedy detection of malware is powered by a central detection engine to drive functions around security operations towards correct threat response. Get actionable insights on how to tackle and rapidly nullify attacks with backing from robust security libraries that track past threats and intelligently reverse new ones. Enrich tasks of security analysts to expose more threat behaviors with context to understand the scope of the threat. Derive thorough Malware Analysis Reports that drill down into every detail of why, how and when an evasion occurred to keep your experts up to date with knowledge and defend your business from future attacks. -
16
Binary Ninja
Binary Ninja
Binary Ninja is an interactive disassembler, decompiler, and binary analysis platform for reverse engineers, malware analysts, vulnerability researchers, and software developers that runs on Windows, macOS, and Linux. Disassemble executables and libraries from multiple formats, platforms, and architectures. Decompile code to C or BNIL for any supported architecture, including your own. Automate analysis with C++, Python, and Rust APIs from inside or outside the UI. Visualize control flow and navigate through cross-references interactively. Name variables and functions, apply types, create structures, and add comments. Collaborate effortlessly with synchronized commits using our Enterprise product. Our built-in decompiler works with all of our officially supported architectures at one price and builds on a powerful family of ILs called BNIL. In fact, not just our architectures, but even community architectures can produce amazing decompilation.
Starting Price: $299 one-time payment -
17
FileScan.IO
FileScan GmbH
FileScan.IO is a next-gen malware analysis platform with the following emphasis:
- Providing rapid and in-depth threat analysis services capable of massive processing
- Focus on Indicator-of-Compromise (IOC) extraction and actionable context
Key Benefits
- Perform detection and IOC extraction for all common files in a single platform
- Rapidly identify threats, their capabilities and update your security systems
- Search your corporate network for compromised endpoints
- Analyze files at scale without actually executing them
- Easy reporting for entry level analysts and executive summary
- Easy deployment and maintenance
We offer a free community service which is a free malware analysis service that offers rapid in-depth file assessments, threat intelligence and indicator of compromise (IOCs) extraction for a wide range of executable files, documents and scripts.
-
18
Hybrid Analysis
Hybrid Analysis
Here you can find common 'how-to' and troubleshooting guides around this community platform and aspects of the Falcon Sandbox platform. Please use the menu on the left side to navigate through some of the published articles. Hybrid Analysis requires that users undergo the Hybrid Analysis Vetting Process prior to obtaining an API key or downloading malware samples. Please note that you must abide by the Hybrid Analysis Terms and Conditions and only use these samples for research purposes. You are not permitted to share your user credentials or API key with anyone else. Please notify Hybrid Analysis immediately if you believe that your API key or user credentials have been compromised. At times, it may happen that a vetting request will get rejected due to incomplete data or a missing full real name, real business name or other means of validating cybersecurity credentials. In this case, it is possible to re-submit a vetting request one more time. -
19
Cuckoo Sandbox
Cuckoo
You can throw any suspicious file at it and in a matter of minutes Cuckoo will provide a detailed report outlining the behavior of the file when executed inside a realistic but isolated environment. Malware is the Swiss Army knife of cybercriminals and any other adversary to your corporation or organization. In these evolving times, detecting and removing malware artifacts is not enough: it's vitally important to understand how they operate in order to understand the context, the motivations, and the goals of a breach. Cuckoo Sandbox is free software that automates the task of analyzing any malicious file under Windows, macOS, Linux, and Android. Cuckoo Sandbox is an advanced, extremely modular, and 100% open source automated malware analysis system with infinite application opportunities. Analyze many different malicious files (executables, office documents, PDF files, emails, etc.) as well as malicious websites under Windows, Linux, macOS, and Android virtualized environments. -
20
Jotti
Jotti
Jotti's malware scan is a free service that lets you scan suspicious files with several anti-virus programs. You can submit up to 5 files at the same time. There is a 250MB limit per file. Please be aware that no security solution offers 100% protection, not even when it uses several anti-virus engines. All files are shared with anti-virus companies so detection accuracy of their anti-virus products can be improved. We are not interested in names, addresses, or other information providing insight into the identities of our visitors, but we do log and use some of the data you provide. We recognize that privacy is important and we want you to completely understand what happens with the information you send to us. We store files you send in for scanning and share these with anti-malware companies. We do this to help anti-malware companies improve the detection accuracy of their security products. We treat your files confidentially. -
21
Zemana AntiMalware
Zemana
Scan your PC in a fast and effective way for malware, spyware, virus detection and removal. Detects and removes annoying browser add-ons, adware, unwanted apps and toolbars and any type of malware on your PC. We are developing this product based on your feedback. Don't let malware take away your PC! Zemana is a cyber-security company that keeps you safe from identity theft, credit card fraud, ransomware and other dangers of the online world. This is a privately held company, formed in 2007 by three college graduates. They wanted to offer more refined security solutions because at that time there were no products on the market that could defeat the rapidly growing level of new hacking variants. This is how our pioneer product Zemana AntiLogger came to life. Instead of just updating a virus database with known virus variants, Zemana AntiLogger was based on behavioral characteristics, so any unexpected and suspicious activity on a computer was blocked automatically.
Starting Price: $24.95 per year -
22
FileAlyzer
Spybot
If you want to know more about the inner life of files, FileAlyzer is the tool you urgently need! FileAlyzer shows basic file content, a standard hex viewer, and a wide range of customized displays for interpreted complex file structures that help you understand the purpose of a file. It also supports generation of OpenSBI advanced file parameters; with FileAlyzer you can find the right attributes to write your own optimized malware file signatures! Files as you see them often contain more than the visible content, through so-called alternate data streams. FileAlyzer makes the additional information in these streams visible through a list of streams associated with the current file, and a basic hex viewer. Sometimes, malware attaches itself as a custom stream to legitimate files, and can be identified here. Android apps are actually zip archives that include the app code and many resources and configuration files. FileAlyzer will display a few app properties. -
23
ANY.RUN
ANY.RUN
ANY.RUN is an online interactive sandbox for DFIR/SOC investigations. The service gives access to fast malware analysis and detection of cybersecurity threats. The effectiveness of the solution has been proven by over 500,000 active users who find new threats with ANY.RUN daily. ANY.RUN provides an interactive sandbox for malware analysis, offering deep visibility into threat behavior in a secure, cloud-based environment with Windows, Linux, and Android support. It helps SOC teams accelerate monitoring, triage, DFIR, and threat hunting — enabling them to analyze more threats in a team and process more alerts in less time. Learn more at ANY.RUN's website. -
24
Cloudxray
Cloudnosys
CloudXray is a cloud workload scanning solution that operates in two deployment modes; basic for misconfiguration detection and advanced for full malware, OS vulnerability, and misconfiguration scanning. The architecture consists of an orchestrator deployed in a single region and distributed scanners covering all discovered regions, making it fully compatible with both AWS and GCP environments. It uses an agentless approach to inspect workloads and volumes across your cloud account for malware, CVEs, and policy deviations. The solution provisions scanning instances on demand, integrates via roles and APIs, and provides continuous coverage of cloud resources without requiring persistent agents. CloudXray supports rapid deployment and is optimized for scalable, multi-region cloud workloads. It is designed to help organizations maintain a secure posture across compute instances, storage volumes, and OS layers by combining configuration assessment, vulnerability detection, and more. -
25
Deep Discovery Inspector
Trend Micro
Deep Discovery Inspector is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches. Organizations are increasingly becoming victims of targeted ransomware when advanced malware bypasses traditional security, encrypts data, and demands payment to release the data. Deep Discovery Inspector uses known and unknown patterns and reputation analysis to detect the latest ransomware attacks, including WannaCry. The customized sandbox detects mass file modifications, encryption behavior, and modifications to backup and restore processes. Security professionals are flooded with threat data coming from numerous sources. Trend Micro™ XDR for Networks helps prioritize threats and provide visibility into an attack. -
26
AhnLab Xcanner
AhnLab
It is difficult to apply the latest security patch to various fixed function systems, such as Industrial Control Systems (ICS), Point of Sales (POS) Systems, KIOSKs, and ATMs, due to their sensitivity and outdated OS. This leaves them vulnerable to malware infection. Because these systems are placed in air-gapped networks or low-bandwidth network environments, which are designed to perform only set processes with bare minimum system requirements, it is often impossible to perform engine updates, real-time detection, and remediation with security programs built for PC environments. AhnLab Xcanner enables users to set scan and repair options according to each operating environment and provides minimal clashes with pre-installed security agents. Due to its user-friendly interface, on-site workers and facility managers with zero security knowledge can also easily respond to malware. -
27
REMnux
REMnux
REMnux® is a Linux toolkit for reverse-engineering and analyzing malicious software. REMnux provides a curated collection of free tools created by the community. Analysts can use it to investigate malware without having to find, install, and configure the tools. The easiest way to get the REMnux distro is to download the REMnux virtual machine in the OVA format, then import it into your hypervisor. You can also install the distro from scratch on a dedicated host or add it to an existing system running a compatible version of Ubuntu. The REMnux toolkit also offers Docker images of popular malware analysis tools, making it possible to run them as containers without having to install the tools directly on the system. You can even run the REMnux distro as a container. For details about installing, using, and contributing to REMnux, as well as for information about the tools included in the toolkit, see the REMnux documentation site. -
28
Palo Alto Networks WildFire
Palo Alto Networks
WildFire® utilizes near real-time analysis to detect previously unseen, targeted malware and advanced persistent threats, keeping your organization protected. Access advanced file analysis capabilities to secure applications like web portals, integrate with SOAR tools, and more. Incorporate WildFire’s unique malware analysis capabilities spanning multiple threat vectors resulting in consistent security outcomes across your organization via an API. Choose flexible file submission and query volumes as needed without requiring a next-generation firewall. Leverage industry-leading advanced analysis and prevention engine capabilities, regional cloud deployments, & unique network effect. WildFire combines machine learning, dynamic and static analysis, and a custom-built analysis environment to discover even the most sophisticated threats across multiple stages and attack vectors. -
29
Cloud-Delivered Security Services
Palo Alto Networks
Palo Alto Networks Cloud-Delivered Security Services provide a comprehensive, integrated cloud security solution that protects users, applications, devices, and data across all locations. Powered by Precision AI™ and backed by the Unit 42® Threat Research team, these services analyze real network traffic in real time to stop threats such as phishing, malware, ransomware, and DNS hijacking. Key offerings include Advanced Threat Prevention, Advanced WildFire malware analysis, and Advanced DNS Security, which deliver industry-leading protection against known and unknown attacks. The platform also secures IoT devices with a zero trust model and controls SaaS application usage with NG-CASB. AI Access Security ensures safe use of generative AI apps with access control and data protection. Together, these services leverage a global cloud infrastructure to scale protection and prevent attacks faster than any other solution. -
30
VIPRE ThreatAnalyzer
VIPRE Security Group
VIPRE ThreatAnalyzer is a powerful dynamic malware analysis sandbox that helps you stay ahead of cyber threats. It lets you safely uncover how malware could impact your organization, so you can respond faster and smarter. Today’s most dangerous attacks often hide in legitimate-looking files—like executables, PDFs, or Microsoft Office documents—waiting for one wrong click to cause chaos, disrupt operations, and rack up financial damage. ThreatAnalyzer intercepts suspicious files, including ransomware and zero-day threats, and detonates them in a secure sandbox environment. Its machine-learning engine analyzes the threats, providing valuable insights into how attacks work, which systems are at risk, and how to strengthen defenses. Get inside the mind of attackers without compromising your network. With VIPRE ThreatAnalyzer, you’ll gain the knowledge to outsmart cybercriminals before they strike.
Starting Price: $5400/year for 5q/day -
31
Admin By Request
Admin By Request
With rapid provisioning of Just-In-Time privilege elevation across your entire workforce. On-board and manage workstations and servers via a user-friendly portal. To reveal risky users and assets through threat and behavioral analytics to identify malicious software and prevent data breaches and malware attacks. By elevating applications - not users. Delegate privileges based on the user or groups to save time and monetary resources. Whether a developer in the IT department, a tech newbie in HR, or a third-party consultant needing to service one of your endpoints, there's a method of elevation appropriate for every user. All features come out-of-the-box with Admin By Request and can be tailored to the needs of individual users or groups. -
32
Joe Sandbox
Joe Security
Tired of high-level malware analysis? Perform one of the deepest analyses possible - fully automated or manual - from static to dynamic, from dynamic to hybrid, from hybrid to graph analysis. Rather than focus on one, use the best of multiple technologies including hybrid analysis, instrumentation, hooking, hardware virtualization, emulation and machine learning / AI. Check out our reports to see the difference. Deeply analyze URLs to detect phishing, drive-by downloads, tech scam and more. Joe Sandbox uses an advanced AI-based algorithm including template matching, perceptual hashing, ORB feature detection and more to detect the malicious use of legitimate brands on websites. Add your own logos and templates to extend the detection capabilities. Interact with the sandbox through Live Interaction - directly from your browser. Click through complex phishing campaigns or malware installers. Test your software against backdoors, information leakage and exploits (SAST and DAST). -
33
Symantec Content Analysis
Broadcom
Symantec Content Analysis automatically escalates and brokers potential zero-day threats for dynamic sandboxing and validation before sending content to users. Analyze unknown content from one central location. Leveraging Symantec ProxySG, this malware analyzer uses a unique multi-layer inspection and dual-sandboxing approach to reveal malicious behavior and expose zero-day threats, and safely detonate suspicious files and URLs. Content Analysis delivers multi-layer file inspection to better protect your organization against known and unknown threats. Unknown or suspicious content from sources like ProxySG, messaging gateway, or other tools is delivered to Content Analysis for deep inspection, interrogation, analysis and ultimately blocking, if deemed malicious. Recent enhancements to Content Analysis strengthen this platform even further. -
34
Comodo Antivirus
Comodo
Complete protection for all of your devices at only $29.99 per device includes an award-winning firewall, host intrusion prevention, sandbox for untrusted software, anti-malware, and buffer overflow protection to tackle today’s diverse threats. Simply put, our antivirus program has everything you and your family need to safely browse the internet and use your device. Our free download offers basic protection for your PC but depending on your needs, that may not be enough. Complete Antivirus actively protects you while you shop online, offers web filtering and unlimited product support! We are offering the best value on the market because we strongly believe in creating a cyber-safe environment for everyone. We are a company that develops the most advanced cyber-security solutions for enterprise businesses, and we use that same technology to protect homes across the world with Comodo Antivirus.
Starting Price: $29.99 per year -
35
OPSWAT MetaDefender
OPSWAT
MetaDefender layers an array of market-leading technologies to protect critical IT and OT environments and shrinks the overall attack surface by detecting and preventing sophisticated known and unknown file-borne threats like advanced evasive malware, zero-day attacks, APTs (advanced persistent threats), and more. MetaDefender easily integrates with existing cybersecurity solutions at every layer of your organization’s infrastructure. With flexible deployment options purpose-built for your specific use case, MetaDefender ensures files entering, being stored on, and exiting your environment are safe—from the plant floor to the cloud. This solution uses a range of technologies to help your organization develop a comprehensive threat prevention strategy. MetaDefender protects organizations from advanced cybersecurity threats in data that originates from a variety of sources, such as web, email, portable media devices, and endpoints.
Starting Price: $0 -
36
Cyberstanc Swatbox
Cyberstanc
Traditional malware sandboxing and simulation solutions may fall short of detecting emerging threats because they often rely on static analysis and pre-defined rules to detect malware. SWATBOX is an advanced malware simulation and sandboxing platform that utilizes simulated intelligence technology to detect and respond to emerging threats in real-time. It is designed to emulate a wide range of realistic attack scenarios, allowing organizations to assess the effectiveness of their existing security solutions and identify any potential vulnerabilities. SWATBOX utilizes a combination of dynamic analysis, behavioral analysis, and machine learning to detect and analyze malware samples in a controlled environment. It uses real-life malware from the wild, which involves creating a sandboxed environment that simulates a real-world target and seeding it with decoy data, to lure attackers into a controlled environment where they can be monitored and their behavior studied. -
37
Avira Protection Cloud
Avira
Using our worldwide sensor network, Avira sees cyber threats as they emerge in real-time. The Avira Protection Cloud develops the intelligence associated with the threats we identify and makes it immediately available to our technology partners. Dynamic File Analysis combines multiple sandbox approaches for behavioral profiling to cluster and reveal similarity in the behavior of malware and identify advanced threats. Powerful rules allow the identification of behavior patterns that are specific to malware families and strains, or reveal the exact malicious intent of malware itself. Avira’s extended scanning engine is an extremely efficient way of identifying families of known malware. It uses proprietary definitions and heuristic algorithms as well as powerful content extraction and de-obfuscation techniques to identify malware. -
38
VirusTotal
VirusTotal
VirusTotal inspects items with over 70 antivirus scanners and URL/domain blocklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API. The web interface has the highest scanning priority among the publicly available submission methods. Submissions may be scripted in any programming language using the HTTP-based public API. VirusTotal can be useful in detecting malicious content and also in identifying false positives, normal and harmless items detected as malicious by one or more scanners. As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API. -
39
Healthy Package AI
DerScanner
Healthy Package AI by DerScanner is a handy solution designed to ensure the health and security of open-source packages, safeguarding your application from potential threats. By leveraging the power of DerScanner, which has examined over 100 million packages, developers can confidently evaluate open-source dependencies before integrating them into their projects. With Healthy Package AI, you can explore detailed insights, starting with just a GitHub URL or package name, such as Facebook React. The platform analyzes several critical metrics to provide a complete security assessment, including: Search Popularity: Identifies widely used and trusted libraries that are reliable for your projects. Author’s Reliability: Evaluates the authorship of projects to ensure contributors are experienced and trustworthy, mitigating risks from malicious developers. Starting Price: Free -
40
Intezer AI SOC
Intezer
Intezer AI SOC combines proven forensic capabilities with the adaptive reasoning of Agentic AI. The result is sub-minute triage across 100% of alerts, with less than 2% escalated for human review, a 98% verdict accuracy, and complete transparency. Intezer provides full coverage for all alert types including endpoint, network, email, identity, and cloud. Investigation outcomes are continuously fed into AI-driven detection engineering. Coverage is mapped and tracked against MITRE ATT&CK and new behavioral rules are deployed to address gaps in the detection posture. New alerting is funneled into Intezer AI SOC and creates a closed loop that continuously improves security posture over time. -
41
PolySwarm
PolySwarm
Unlike in any other multiscanner, in PolySwarm there is money at stake: threat detection engines back their opinions with money, at the artifact level (file, URL, etc.), and are economically rewarded and penalized based on the accuracy of their determinations. The following process is automated and is executed by software (engines) in near real time. Users submit artifacts to PolySwarm’s network via API or web UI. Crowdsourced intelligence (engine determinations) and a final score (PolyScore) are sent back to the User. The money from the bounty and the assertions becomes the reward, which is securely escrowed in an Ethereum smart contract. Engines that made the right assertion are rewarded with the money from the initial bounty from the enterprise plus the money the losing engines included with their assertions. Starting Price: $299 per month -
42
Palo Alto ATP
Palo Alto
Prevent zero-day attacks inline and in real-time with the industry’s first deep and machine-learning IPS. The only solution to block unknown C2 attacks and exploit attempts in real-time using advanced threat prevention's industry-first, purpose-built inline deep learning models. Safeguard your network from known threats, such as exploits, malware, spyware, and command and control attacks, with market-leading, researcher-grade signatures that don’t compromise performance. Palo Alto ATP blocks threats at both the network and application layers, including port scans, buffer overflows, and remote code execution, with a low tolerance for false positives. Protect against the most recent and relevant malware with payload signatures, not hash, to block known and future variants of malware, and receive the latest security updates from Advanced WildFire in seconds. Add to your threat coverage with flexible Snort and Suricata rule conversion for customized protections. -
43
QSourcer
QSourcer
Uncover top talent on LinkedIn, GitHub, Stack Overflow, with QSourcer's AI-powered Boolean search. Discover how QSourcer makes talent sourcing efficient, fun, and much easier. QSourcer uses AI to make writing Boolean search queries easier. It identifies key terms and suggests industry-specific synonyms, ensuring accurate searches on all major job platforms. This helps you find the best talent profiles quickly. Extracts essential keywords from job titles and descriptions, offering industry-specific synonyms and alternative terms for accurate Boolean search queries. Generates search queries for all major platforms, enabling direct platform searches or Google X-ray searches with one click. Detects the language of job titles and descriptions, creating search keywords to simplify finding candidates in any language. Copy and paste your job title and description into the provided form fields. Optionally, select the folder where you want to save the job for future reference. -
44
Cerber Security
Cerber Tech
Cerber Security vigorously defends WordPress against hacker attacks, spam, and malware. Blazingly fast and reliable by design. A set of specialized request inspection algorithms screen incoming requests for malicious code patterns and traffic anomalies. Bot detection engine identifies and mitigates automated attacks. Mitigates brute force and code injection attacks. Restricts access with GEO country rules. Prevents both REST API and ordinary user enumerations. Restricts access to REST API and XML-RPC. Uses a global list of IP addresses known for malicious activity. Detects bots by using heuristic and content-based algorithms. Checks IP against a real-time database of IP addresses known for disseminating spam, phishing attacks and other forms of malicious activity. Thoroughly scans every file and folder on your website for malware, trojans, and viruses. Automatically removes malware and viruses. Monitors new, changed, and suspicious files. -
45
WizWhy
WizSoft
WizWhy determines how the values of one field in the data are affected by the values of other fields. The system performs its analysis based on one field selected by the user as the dependent variable, while the other fields are the independent variables (or conditions). The dependent variable can be analyzed as either Boolean or continuous. The user can fine-tune the analysis by defining parameters such as the minimum probability of the rules, the minimum number of cases in each rule and the cost of a miss vs. the cost of false alarm. WizWhy reveals and lists the rules that relate between the dependent variable and other fields (conditions). The rules are formulated as if-then and if-and-only-if statements. On the basis of the discovered rules WizWhy points out the main patterns, the unexpected rules (interesting phenomena) and the unexpected cases in the data. WizWhy can issue predictions for new cases on the basis of the discovered rules. -
46
Tapflow
Tapflow
Tapflow is an AI-powered talent sourcing co-pilot designed to streamline the recruitment process for small and mid-sized agencies. By simply pasting a job description, Tapflow instantly creates an ideal candidate persona, automating the search across platforms like LinkedIn without the need for complex Boolean strings. The AI analyzes and ranks thousands of profiles based on relevance, providing recruiters with a prioritized list of top-fit candidates. Additionally, Tapflow facilitates personalized outreach by automatically generating tailored emails, enhancing candidate engagement. It also offers features such as exporting sourcing session results to CSV, integrating with email systems for direct communication, and collaborating with team members through its CRM. Trusted by over 250 recruitment teams, Tapflow transforms talent sourcing into a more efficient and effective process. -
47
STOPzilla AntiVirus
RealDefense
Active scanning quickly removes malware and prevents new infections in real-time. Hourly virus definition updates make sure the very latest infections are targeted. Improved smart web filter blocks malicious web sites from stealing your information. Works silently in the background. Will not impact computer performance. STOPzilla AntiVirus 8.0 detects viruses and malware in real-time before it is even saved to the hard drive. Preventative, faster detection than previous versions gives you the best antivirus protection possible. Many viruses and malware threats are designed to interfere with the operation of AntiVirus/AntiMalware products. STOPzilla AntiVirus 8.0 is designed to thwart this type of interference allowing the product to provide uninterrupted protection. Our smart Web Filter is a cloud based URL scanning utility that is updated with newly discovered threats every 5 seconds, protecting you from malicious websites that steal end-user information. Starting Price: $39.95 per year -
48
Hikido
Hikido
Build targeted candidate lists with access to 15M+ high quality technical candidates worldwide. Use powerful Boolean and similarity search to identify and source talent faster. We go beyond just contact info, and provide candidate intelligence tools to better assess candidate fit and increase candidate engagement. Each candidate profile is enriched with email address, work history, projects, education, skills timeline and more. We only focus on technical talent, and are continuously building new features and tools to help technical recruiters better assess candidate skill level and fit. Find the candidate you’re looking for in our comprehensive database of top developers and engineers. Use simple search queries, sophisticated Boolean strings or upload a resume and let Hikido identify the right candidates for you. Starting Price: $1.95 per two weeks -
49
Simple Malware Protector
Simplestar Software
Simple Malware Protector identifies threats and vulnerabilities on your PC and will neutralize them quickly and easily. It then constantly monitors your PC to ensure you’re protected against future infection. Simple Malware Protector is continuously updated to ensure you’re protected against the latest threats and vulnerabilities. You can schedule Simple Malware Protector to run at startup or any other time of day, ensuring you are in control of your protection. You can also choose a quick, deep, or custom scan depending on your needs and preferences. Simple Malware Protector will scan your PC and identify security threats and vulnerabilities. Simple Malware Protector can quickly and safely remove these threats and prevent them from reoccurring. Protect your computer from malware, spyware, and other security threats. Restore optimum security to your PC. Starting Price: $3.03 per month -
50
Wordfence
Defiant
Wordfence includes an endpoint firewall and malware scanner that were built from the ground up to protect WordPress. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Rounded out by a suite of additional features, Wordfence is the most comprehensive security option available. Wordfence runs at the endpoint, your server, providing better protection than cloud alternatives. Cloud firewalls can be bypassed and have historically suffered from data leaks. Wordfence firewall leverages user identity information in over 85% of our firewall rules, something cloud firewalls don’t have access to. And our firewall doesn’t need to break end-to-end encryption like cloud solutions. Starting Price: $99 per year